I come back after a week, and some crap is popping up in my browser (Chrome) right after the system starts.
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:15-09-2015
Uruchomiony przez Blady (administrator) PC (21-09-2015 09:52:40)
Uruchomiony z C:\Users\Blady\Desktop\Nowy folder
Załadowane profile: Blady (Dostępne profile: Blady)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądanka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Gigabyte Technology CO.) C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Blady\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Blady\Desktop\Nowy folder\ComboFix.exe
==================== Rejestr (filtrowane) ===========================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://gangnamgame.org && exit
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2552320 2011-03-30] (Gigabyte Technology CO., LTD.)
HKLM-x32\...\RunOnce: [vcredist_x86_del] => C:\Users\Blady\AppData\Local\Microsoft\Redist\vcredist_x86.exe [152064 2015-07-28] (Program Redist)
HKU\S-1-5-21-2220026274-96697493-1377027978-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2220026274-96697493-1377027978-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2220026274-96697493-1377027978-1000\...\Run: [Dropbox Update] => C:\Users\Blady\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
IFEO\adwcleaner_5.005.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Blady\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Blady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Blady\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7EC30386-856E-4AB5-BC0C-9CF04268C87F}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-2220026274-96697493-1377027978-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={6DB0326A-C6B5-440A-93B9-128E4E2FE8DD}&mid=083e1e6d6bd547d288f281ac0f5beeeb-1abdb1771a3dd5bae860dc9fcc7dfceb3e7a6cc1&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-06 16:57:47&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2220026274-96697493-1377027978-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6DB0326A-C6B5-440A-93B9-128E4E2FE8DD}&mid=083e1e6d6bd547d288f281ac0f5beeeb-1abdb1771a3dd5bae860dc9fcc7dfceb3e7a6cc1&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-06 16:57:47&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2220026274-96697493-1377027978-1000 -> {D312428F-B49E-495b-B26E-8840C5D25B70} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-2220026274-96697493-1377027978-1000 -> {E844CDCF-7AA3-4039-99B8-DB5565E2B9FE} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [Brak pliku]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2220026274-96697493-1377027978-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-04] ()
Chrome:
=======
CHR Profile: C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-06]
CHR Extension: (Dokumenty Google) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-06]
CHR Extension: (Dysk Google) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-06]
CHR Extension: (Adblock Plus) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-06]
CHR Extension: (Google Search) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-06]
CHR Extension: (Arkusze Google) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Night Time In New York City) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek [2015-04-01]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-11-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR Extension: (Mój motyw Chrome) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-09-06]
CHR Extension: (Gmail) - C:\Users\Blady\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-06]
Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Blady\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-12-17]
==================== Usługi (filtrowane) ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-06-22] (Advanced Micro Devices) [Brak podpisu cyfrowego]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [Brak podpisu cyfrowego]
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1720888 2015-08-18] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6920248 2015-09-08] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
S3 Origin Client Service; E:\Gry\Origin\OriginClientService.exe [1931632 2015-04-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-11-14] ()
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [Brak podpisu cyfrowego]
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-26] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-07-11] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-26] ()
===================== Sterowniki (filtrowane) ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [297672 2015-07-29] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-06] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-24] ()
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-09-21 09:52 - 2015-09-21 09:52 - 00000000 ____D C:\FRST
2015-09-21 09:49 - 2015-09-21 09:52 - 00000000 ____D C:\Users\Blady\Desktop\Nowy folder
2015-09-21 09:49 - 2015-09-21 09:49 - 02191360 _____ (Farbar) C:\Users\Blady\Downloads\FRST64.exe
2015-09-12 14:58 - 2015-09-12 14:58 - 00032279 _____ C:\Users\Blady\Downloads\Metal Gear Solid V The Phantom Pain 2015 [Update v 1 005 Crack v 2] [RAR] [3DM][Torrenty.org].torrent
2015-09-12 11:59 - 2015-09-12 11:59 - 00000000 ____D C:\Users\Blady\Desktop\MGSV.TPP.Crack.v2.For.v1005
2015-09-12 11:59 - 2015-09-12 10:00 - 01265422 _____ C:\Users\Blady\Desktop\MGSV.TPP.Crack.v2.For.v1005.rar
2015-09-12 09:59 - 2015-09-12 10:00 - 01265422 _____ C:\Users\Blady\Downloads\MGSV.TPP.Crack.v2.For.v1005.rar
2015-09-11 12:07 - 2015-09-11 12:07 - 00008584 _____ C:\Users\Blady\Documents\Uninstall Mass Effect.log
2015-09-11 09:36 - 2015-09-11 09:36 - 00197048 _____ C:\Users\Blady\Downloads\METAL GEAR SOLID V The Phantom Pain-FULL UNLOCKED-SG.torrent
2015-09-10 00:17 - 2015-09-10 00:17 - 00002294 _____ C:\Users\Blady\AppData\Local\recently-used.xbel
2015-09-09 22:49 - 2015-09-09 22:49 - 00021993 _____ C:\Users\Blady\Downloads\Dragon_Age _Inquisition_Update_1-2 5_ Incl DLC and Crack v3 _ 2014 _[3DM]_[EXE][Torrenty.org].torrent
2015-09-09 22:43 - 2015-09-09 22:43 - 00043981 _____ C:\Users\Blady\Downloads\WindowsGame.org dragon.age.inquisition.patch.2.3dm.crack.torrent
2015-09-08 22:51 - 2015-09-08 23:03 - 315417608 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49ra01ww.exe
2015-09-08 22:50 - 2015-09-08 22:51 - 03995240 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49la01ww.exe
2015-09-08 22:48 - 2015-09-08 22:50 - 61684632 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49iv03ww.exe
2015-09-08 22:46 - 2015-09-08 22:46 - 01562448 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49cs01ww.exe
2015-09-08 22:44 - 2015-09-08 22:47 - 87876688 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49ow03ww.exe
2015-09-08 19:32 - 2015-09-08 19:32 - 00011708 _____ C:\Users\Blady\Downloads\Windows 8 1 x64 [PL] [Lipiec 2015-NiKKA][Torrenty.org].torrent
2015-09-08 18:17 - 2015-09-08 18:33 - 317364792 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49ra01w7.exe
2015-09-08 18:15 - 2015-09-08 18:41 - 302380336 _____ (NVIDIA Corporation) C:\Users\Blady\Downloads\355.82-notebook-win8-win7-64bit-international-whql.exe
2015-09-08 18:01 - 2015-09-08 18:42 - 116767520 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49ow03w7.exe
2015-09-08 17:58 - 2015-09-08 17:59 - 06439568 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49rc01w7.exe
2015-09-08 17:51 - 2015-09-08 18:03 - 59825208 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49me01w7.exe
2015-09-08 17:51 - 2015-09-08 18:00 - 45314472 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49ix01w7.exe
2015-09-08 17:51 - 2015-09-08 17:51 - 05018752 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49us01w7.exe
2015-09-08 17:50 - 2015-09-08 17:50 - 01562448 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49cs01w7.exe
2015-09-08 17:02 - 2015-09-08 17:38 - 187832976 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49iw01w7.exe
2015-09-08 17:02 - 2015-09-08 17:10 - 194262912 _____ (Lenovo Group Limited ) C:\Users\Blady\Downloads\49wd01w7.exe
2015-09-06 16:52 - 2015-09-06 16:52 - 00391266 _____ C:\Users\Blady\Downloads\Recount-v6.2.2a_release.zip
2015-09-06 16:52 - 2015-09-06 16:52 - 00152401 _____ C:\Users\Blady\Downloads\Bagnon_6.2.4.zip
2015-09-06 16:48 - 2015-09-06 16:48 - 00000000 ____D C:\Users\Blady\Downloads\DBM-Core-6.2.2
2015-09-06 16:21 - 2015-07-01 20:21 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-06 16:21 - 2015-07-01 20:20 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-06 16:21 - 2015-07-01 19:52 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-09-06 16:21 - 2015-07-01 19:52 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-09-06 16:21 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-09-06 16:21 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-09-06 16:21 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-09-06 16:21 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-09-06 16:21 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-09-06 16:21 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-09-06 16:21 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-09-06 16:21 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-09-06 16:21 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-09-06 16:21 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-09-05 10:42 - 2015-09-05 10:42 - 00344724 _____ C:\Users\Blady\Downloads\Omen-v3.1.11.zip
2015-09-05 10:40 - 2015-09-05 10:40 - 02537496 _____ C:\Users\Blady\Downloads\DBM-Core-6.2.2.zip
2015-08-30 21:57 - 2015-08-30 22:05 - 00000000 ____D C:\Users\Blady\Desktop\muzyka
2015-08-26 09:41 - 2015-08-26 09:41 - 00000000 ____D C:\Users\Blady\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2015-09-21 09:50 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-21 09:50 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-21 09:49 - 2014-09-06 16:05 - 00000000 ____D C:\ProgramData\MFAData
2015-09-21 09:48 - 2014-10-19 12:25 - 00001002 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-09-21 09:48 - 2014-09-06 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-21 09:47 - 2014-12-17 22:09 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1418846987
2015-09-21 09:47 - 2014-12-17 22:07 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-21 09:46 - 2014-09-06 11:28 - 01255797 _____ C:\Windows\WindowsUpdate.log
2015-09-21 09:45 - 2011-04-12 15:21 - 00739694 _____ C:\Windows\system32\perfh015.dat
2015-09-21 09:45 - 2011-04-12 15:21 - 00155268 _____ C:\Windows\system32\perfc015.dat
2015-09-21 09:45 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-21 09:43 - 2014-09-06 17:59 - 00000000 ___RD C:\Users\Blady\Dropbox
2015-09-21 09:43 - 2014-09-06 17:56 - 00000000 ____D C:\Users\Blady\AppData\Roaming\Dropbox
2015-09-21 09:42 - 2014-09-06 13:47 - 00000000 ____D C:\Users\Blady\AppData\Roaming\Raptr
2015-09-21 09:41 - 2014-10-16 18:35 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-09-21 09:41 - 2014-09-06 11:51 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-21 09:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-21 09:41 - 2009-07-14 06:51 - 00296481 _____ C:\Windows\setupact.log
2015-09-14 20:18 - 2014-09-06 13:55 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-09-14 20:07 - 2015-06-19 19:52 - 00001162 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2220026274-96697493-1377027978-1000UA.job
2015-09-14 19:56 - 2014-09-06 11:51 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-14 19:55 - 2015-02-02 14:21 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-12 22:40 - 2014-09-10 15:20 - 00000000 ____D C:\Users\Blady\AppData\Roaming\X-Chat 2
2015-09-12 22:25 - 2014-11-08 21:51 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-09-12 22:24 - 2014-09-11 20:57 - 00000000 ____D C:\Users\Blady\AppData\Local\Battle.net
2015-09-12 22:24 - 2014-09-11 20:57 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-12 18:35 - 2010-11-21 05:47 - 00084542 _____ C:\Windows\PFRO.log
2015-09-12 16:34 - 2014-09-07 20:16 - 00000000 ____D C:\Users\Blady\AppData\Roaming\uTorrent
2015-09-11 18:47 - 2014-09-06 11:51 - 00000000 ____D C:\Users\Blady\AppData\Local\Google
2015-09-11 15:14 - 2015-06-19 19:52 - 00001110 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2220026274-96697493-1377027978-1000Core.job
2015-09-11 12:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-10 00:30 - 2014-09-09 22:07 - 00000000 ____D C:\Users\Blady\.gimp-2.8
2015-09-08 15:36 - 2015-03-28 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-09-07 18:33 - 2009-07-14 06:45 - 00426264 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-03 20:57 - 2014-09-07 18:39 - 00000000 ____D C:\Users\Blady\AppData\Local\Microsoft Help
2015-08-28 09:51 - 2014-09-06 11:51 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 09:51 - 2014-09-06 11:51 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-26 21:37 - 2015-05-06 16:57 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-23 13:05 - 2015-03-21 15:53 - 00000000 ____D C:\Users\Blady\Documents\gothic3
==================== Pliki w katalogu głównym wybranych folderów =======
2015-09-10 00:17 - 2015-09-10 00:17 - 0002294 _____ () C:\Users\Blady\AppData\Local\recently-used.xbel
Niektóre pliki w TEMP:
====================
C:\Users\Blady\AppData\Local\Temp\dotnetfx 3.5 sp1.exe
C:\Users\Blady\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvgjuz.dll
C:\Users\Blady\AppData\Local\Temp\Gw2.exe
C:\Users\Blady\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Blady\AppData\Local\Temp\NMDJY21oMxEe.exe
C:\Users\Blady\AppData\Local\Temp\ose00000.exe
C:\Users\Blady\AppData\Local\Temp\Quarantine.exe
C:\Users\Blady\AppData\Local\Temp\raptrpatch.exe
C:\Users\Blady\AppData\Local\Temp\raptr_stub.exe
C:\Users\Blady\AppData\Local\Temp\sqlite3.dll
C:\Users\Blady\AppData\Local\Temp\SRLDetectionLibrary1453440101322684989.dll
C:\Users\Blady\AppData\Local\Temp\tmp1728.exe
C:\Users\Blady\AppData\Local\Temp\tmp57DF.exe
C:\Users\Blady\AppData\Local\Temp\tmp645D.exe
C:\Users\Blady\AppData\Local\Temp\tmp9C6E.exe
C:\Users\Blady\AppData\Local\Temp\tmpA4E5.exe
C:\Users\Blady\AppData\Local\Temp\tmpB22E.exe
C:\Users\Blady\AppData\Local\Temp\ubiD8A5.tmp.exe
C:\Users\Blady\AppData\Local\Temp\_is7A40.exe
C:\Users\Blady\AppData\Local\Temp\_isEC61.exe
==================== Bamital & volsnap =================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
LastRegBack: 2015-09-11 10:58
==================== Koniec FRST.txt ============================